CVE-2020-7769
Injection Vulnerability in npm/nodemailer
Identifiers
CVE-2020-7769
Package Slug
npm/nodemailer
Vulnerability
Injection Vulnerability
Description
Use of crafted recipient email addresses may result in arbitrary command flag injection in sendmail transport for sending emails.
Affected Versions
All versions before 6.4.16
Solution
Upgrade to version 6.4.16 or above.
Last Modified
2020-11-26
| source |